tcpdump -vvv -nn -A -i dmz_2001 -s 0 -w tcpdump_filename.dat host 10.1.1.1 and port 443
ssldump -Aed -nr ./tcpdump_filename.dat -k /config/ssl/ssl.key/ssl-key.key > decrypted_ssldump_filename.txt
Monday, March 25, 2013
Taking tcp and ssl dump on the F5 load balancer
Taking tcp dump on the F5
Taking the ssl dump and decrypt the data that was just captured from the above tcp dump
--------------------
-i specify the interface you want to listen on
host is the ip that the data will be coming from (source ip or client ip)
